<?php
/**
*作用:
*说明:
*版权:
*作者:
*时间:2011/11/15
**/
include_once './include/init.inc.php';
$filename=basename(__FILE__);
$act=isset ( $_GET['act'] ) ? trim ( $_GET['act'] ) : '' ;
$acts = array('login','check_login');
if(!in_array($act,$acts))
{
	checklogin();  //监测后台相关的用户登陆模块
}
if($act=='top')
{
	$smarty->assign('user',$a=getCookie('q_cpc_admin'));
	$smarty->display(ADMIN_TPL.'admin_top.dwt');
}
else if ($act=='left')
{
	//checklogin(); //权限监测
	$smarty->display(ADMIN_TPL.'left.dwt');
}
else if ($act=='right')
{
	$smarty->display(ADMIN_TPL.'right.dwt');

}else if ($act=='login')
{
	$smarty->assign('web',$a=array('title'=>'Q+后台管理系统登陆','web_name'=>'Q+后台管理系统','act'=>'check_login','button'=>'重 置'));
	$smarty->display(ADMIN_TPL.'login.dwt');

}
else if ($act=='check_login')
{
	$username=isset ( $_POST['username'] ) ? trim ( $_POST['username'] ) : '' ;
	$password=isset ( $_POST['password'] ) ? trim ( $_POST['password'] ) : '' ;

	if(strlen($username)>30 || strlen($username)<5)
	{
		alert('资料有误1');
		exit();
	}
	if(!preg_match("/^[".chr(0xa1)."-".chr(0xff)."A-Za-z0-9_]+$/",$username)) //GB2312汉字字母数字下划线正则表达式
	{
		 alert('用户名输入不合规!');
		 exit();
	}
	if(empty($password) || $password=='')
	{
		 alert('资料有误2');
		 exit();
	}
	if(!preg_match('/^[A-Za-z0-9]{6,30}/i',$password))
	{
		  alert('资料有误3');
		  exit();
	}
	$sql="SELECT * FROM `info_q_admin` WHERE `username`='{$username}' LIMIT 1";
	$query=$db->fetch_one($sql);
	if($query)
	{
		 if($query['password']==licuicui_md5($password))
		 {

			  $cpc_login=cookie('q_cpc_admin',$username,$time=3600*24); //存储cookie的值,默认为一天
              //$flag=getCookie('q_cpc_admin');
		      noalert($filename);
		 }
		 else
		 {
			 exit(alert('资料有误4'));
			 exit();
		 }
		 //通过md5自定义加密来判断用户的输入
	}
	else
	{
		alert('对不起,用户不存在...');
		exit();
	}
}else if ($act=='logout')
{
	 cookie('q_cpc_admin','',0); //清除cookie
	 exit(alert('欢迎下次再来',$filename));
	 //noalert($filename);
}else if ($act=='list')
{
      $smarty->display(ADMIN_TPL.'demo.dwt');

}
else
{
	checklogin(); //权限监测
	$smarty->assign('a',array('title'=>'Q+后台管理中心页面'));
	$smarty->display(ADMIN_TPL.'main.dwt');

}

?>